Vacancy Type:
23 (GVC)
About The Role

We’re looking for an Application Security Engineer to join us in Sofia on a permanent basis. In this role, you’ll work closely with the development and operations teams to verify that our applications satisfy the defined security criteria, supporting the organisation on the secure design of our gaming platform and conducting reviews of the developed and deployed applications, while improving the automation of security in our development lifecycle.

Some key responsibilities include:  

  • Participating in design and requirement reviews and providing design solutions that allow the application to maintain security without losing functionality. Incorporate design solution in Development, DevOps and Architectural best practices.
  • Conducting application-level penetration testing and independent reviews of source code repositories.
  • Reviewing and improving security architecture of our Products.
  • Performing security assessments of the Group applications on a recurrent basis to ensure security requirements are being met. Providing security sign-off of applications being moved to live environments.
  • Conducting source and dynamic application security reviews in relevant languages (Java, C/C++, Perl, Python, PHP, .NET…).
  • Defining security test cases during test automation and developing new tools to improve the security of the group gaming applications
  • Supporting the investigation of incidents relating to gaming platform anomalies, weaknesses and game integrity compromises


You will already have outstanding technical foundations and a development background, with experience in conducting application security assessments. You should be able to interact with development teams to resolve the identified issues along with the below criteria:

  • Development background
  • Experience in a similar Information Security position
  • Customer-oriented person, with the ability to educate and influence a technical audience on Application Security matters
  • Experienced in relevant development languages (Java, C/C++, Perl, Python, PHP, .NET)
  • Good understanding of HTTP protocols, security controls, API design and security testing

Experience in the following areas:

  • Understanding of cryptography
  • Penetration testing consultancy
  • Source code reviews
  • Vulnerability management      
  • Application security assessments (source code and dynamic)
  • Automation
  • Vulnerability research
  • Security tool development
  • Experience with static source-code analysers
  • Experience with dynamic application security testing tools
  • Experience with Web-Application Firewalls (WAF)
  • Software and protocol reverse engineering

If you would like to be part of a very strong Information Security team, this could be the role for you!

Employee benefits:
  • Competitive remuneration package; 
  • 25 days annual leave;
  • Social benefits: personal health insurance, dental allowance, sport activities, food vouchers;
  • Opportunity to join a team of great professionals;
  • Dynamic and friendly work environment;
  • Team building activities.
Ready to get involved? Bring your energy to GVC and you’ll be in the mix from the start. For the good of entertainment. Apply now!



Our Culture As Real As It gets

At GVC we're a diverse team, sharing a commitment to quality and success

Whether you're playing a key role in your local community as part of our retail team, or working out the next big gaming trends in our digital team, you'll enjoy a culture and a benefits package that we're extremely proud of.